{"id":3768,"date":"2014-07-16T10:24:15","date_gmt":"2014-07-16T14:24:15","guid":{"rendered":"http:\/\/www.kaspersky.co.in\/blog\/?p=3768"},"modified":"2020-02-26T20:28:14","modified_gmt":"2020-02-26T14:58:14","slug":"millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.in\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/3768\/","title":{"rendered":"Millions of Smartphones Vulnerable to Rogue Hotspots by Default"},"content":{"rendered":"<p>The mobile service provider AT&amp;T puts default lists of trusted wireless networks into its customers\u2019 iOS and Android devices. In this way, users will automatically connect to a variety of Wi-Fi hotspots managed by AT&amp;T. Comcast\u2019s XFINITY is also in the business of disseminating wireless hotspots for its customers. Problematically, once you connect to one of these hotspots, it appears your device may automatically connect to any other hotspots you come across that broadcast the same network name (SSID).<\/p>\n<p>There are obvious benefits to connecting to these hotspots, assuming they\u2019re secure. Therein lies one problem, though: you just don\u2019t know how secure they are. They could be incredibly secure or they could be a bit leaky. You just don\u2019t know. Perhaps more importantly, even if AT&amp;T and XFINITY\u2019s Wi-Fi hotspots are secure, you really don\u2019t know if a network is actually controlled by the entity it claims to be controlled by. 
The increasingly Wi-Fi-enabled ecosystem in which we operate is conducive to attackers who would set up rogue or malicious Wi-Fi hotspots in order to monitor internet communications via <a href=\"https:\/\/www.kaspersky.com\/blog\/man-in-the-middle-attack\/\" target=\"_blank\" rel=\"noopener nofollow\">man-in-the-middle attacks<\/a>, pilfer login credentials, <a href=\"https:\/\/www.kaspersky.com\/blog\/android-malware\/\" target=\"_blank\" rel=\"noopener nofollow\">infect users with malware<\/a>, and perform other malicious actions.<\/p>\n<p><a href=\"http:\/\/arstechnica.com\/security\/2014\/06\/free-wi-fi-from-xfinity-and-att-also-frees-you-to-be-hacked\/\" target=\"_blank\" rel=\"noopener nofollow\">According to a report by Sean Gallagher of Ars Technica<\/a>, mobile phones operating on AT&amp;T\u2019s network are set to connect automatically to any networks titled \u201cattwifi.\u201d Furthermore, as recent reports have pointed out, Comcast\u2019s XFINITY Internet service is in the process of rolling out a feature called \u201cXFINITY WiFi.\u201d The service relies on the modems and routers of its users. While part of your router and modem will provide internet access for your home and your private network, another part will act as a public hotspot available to anyone with a Comcast XFINITY username and password.<\/p>\n<p>Gallagher set up his personal laptop as a wireless hotspot broadcasting the name \u201cattwifi.\u201d He then removed all the preferred network settings on his mobile device, and turned on his wireless. Almost immediately he was connected to the rogue network he had just created. He then disconnected from the hotspot. 
Within a matter of seconds, he was automatically connected to an XFINITY network broadcasting the name \u201cxfinitywifi,\u201d which was being transmitted from the modem and router of a neighbor.<\/p>\n<p>The reason for that, Gallagher explains, is that he had recently accessed another \u2018XFINITY WiFi\u2019 wireless network while waiting for an appointment earlier in the week. Each time a user connects, he or she has to re-authenticate with an XFINITY username-password combo. However, if you have already authenticated yourself in the last day, you won\u2019t be prompted again.<\/p>\n<p>There are a couple of problems here. One, AT&amp;T users with default settings or those who have previously connected to a wireless network with the \u201cattwifi\u201d SSID would automatically connect to any network under that name, whether the connection is malicious or legitimately owned by AT&amp;T. Two, a malicious actor could set up a rogue \u2018XFINITY WiFi\u2019 wireless network and present users with a spoofed login page whenever anyone tried to connect, thus giving the attacker the ability to steal XFINITY login credentials. This in turn could give the attacker access to XFINITY Web accounts and potentially partial payment and other sensitive information.<\/p>\n<p>In order to prevent these auto-connects from occurring, iOS users should make it so that their device asks for permission before joining a wireless network. 
Users can activate the \u201cAsk to join other networks\u201d feature by going into their settings and accessing the \u201cWi-Fi\u201d sub-settings page. Gallagher explains that Android users were only very recently given the ability to disable auto-connect with a carrier update from AT&amp;T. So, AT&amp;T Android users should make sure they have installed the latest update.<\/p>\n<p>As always, it\u2019s a good idea to just <a href=\"https:\/\/www.kaspersky.com\/blog\/wi-fi-sao-paulo\/\" target=\"_blank\" rel=\"noopener nofollow\">avoid public Wi-Fi<\/a> altogether and to <a href=\"https:\/\/www.kaspersky.com\/android-security\" target=\"_blank\" rel=\"noopener nofollow\">run a solid security product<\/a> for protection in the event that something goes awry.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As ISPs push to make Wi-Fi more widely available outside the home, users are increasingly vulnerable to attacks that rely on rogue and malicious hotspots <\/p>\n","protected":false},"author":42,"featured_media":3769,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,9],"tags":[105,725,723,722,218,721,720,724],"class_list":{"0":"post-3768","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-tips","9":"tag-android","10":"tag-att","11":"tag-comcast","12":"tag-man-in-the-middle-attacks","13":"tag-mobile-security","14":"tag-public-wireless","15":"tag-rogue-wi-fi","16":"tag-xfinity"},"hreflang":[{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/3768\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/3667\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-defau
lt\/4142\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/4393\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/5458\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/4252\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/5458\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/millions-of-smartphones-vulnerable-to-rogue-hotspots-by-default\/5458\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.in\/blog\/tag\/android\/","name":"Android"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/3768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/comments?post=3768"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/3768\/revisions"}],"predecessor-version":[{"id":19133,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/3768\/revisions\/19133"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media\/3769"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media?parent=3768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/categories?post=3768"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kasper
sky.co.in\/blog\/wp-json\/wp\/v2\/tags?post=3768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}